ADFS 2.0 RC上的声明提供程序信任问题 [英] Trouble with Claims Provider Trust on ADFS 2.0 RC
问题描述
我使用测试网站作为RP实现了自定义STS。 它主要基于Matias Woloski的 OpenID协议转换STS 示例....除了我使用最新版本的FedUtil重新实现它。 无论如何,RP网站获得了索赔和各种工作。
现在我想将此STS用作ADFS 2.0 RC中的声明提供程序。 但是,当我完成对OpenID的身份验证后,我不断被重定向到:http://server.com/adfs/services/trust,并且该过程因"HTTP 503:服务不可用"而死亡。 br />我是否错误配置了联合身份验证服务标识符? 我在这里做些傻瓜吗? 我可以提供可能需要的任何额外细节。
谢谢!
:: Travis
I have a custom STS implemented with a test web site as an RP. It's largely based on Matias Woloski's OpenID protocol transition STS example....except I re-implemented it using the latest version of FedUtil. Anyhow, the RP web site gets the claims and everyting works.
Now I'd like to use this STS as a Claims Provider in ADFS 2.0 RC. However, when I finish authenticating to OpenID I keep getting redirected to: http://server.com/adfs/services/trust and the process just dies with a "HTTP 503: The service is unavailable".
Do I have the Federation Service Identifier mis-configured? Am I doing someting boneheaded here? I can provde any extra details that might be required.
Thanks!
:: Travis
推荐答案
所以看起来我遇到与此主题。 在我的例子中,RP是SharePoint 2010.
这很好用:RP - > ADFS 2.0 - > RP
我通过Windows登录验证ADFS 2.0并使用声明进入SharePoint 2010。 一切都很好。
但是,我真正想要的是:RP - > ADFS 2.0 - > OpenID STS-> OpenID登录 - > RP
......或类似的东西。 我知道OpenID STS在与标准ASP.NET网页一起使用时工作正常。
在ADFS 2.0中,我使用声明提供程序信任,将OpenID STS配置为WS-Federation被动端点  Open ID STS提供名称,角色和身份验证(http://schemas.xmlsoap.org/ws/2005/05/identity/claims/authentication)声明。
这将是一个有点常见情况,不是吗?原始线程从未被解决,所以也许没有...·
谢谢,
:: Travis
So it looks like I'm having the exact same problem as with this thread. In my case, the RP is SharePoint 2010.
This works great: RP -> ADFS 2.0 -> RP
I auth to ADFS 2.0 via Windows Login and get into SharePoint 2010 with claims. All is well.
However, what I really want is this: RP -> ADFS 2.0 -> OpenID STS-> OpenID Login -> RP
...or something similar. I know the OpenID STS works fine when used with a standard ASP.NET web page.
In ADFS 2.0, I'm using a claim provider trust with the OpenID STS configured as a WS-Federation passive endpoint. The Open ID STS is providing Name, Role, and Authentication (http://schemas.xmlsoap.org/ws/2005/05/identity/claims/authentication) claims.
This would be a somewhat common scenario, no? The original thread was never resolved so perhaps not...
Thanks,
:: Travis
这篇关于ADFS 2.0 RC上的声明提供程序信任问题的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!